<?phpinclude "Header.php"; $Configuration = mysqli_fetch_object($Configura

1. <?php
2. include "Header.php";
3.  
4. $Configuration = mysqli_fetch_object($Configuration = mysqli_query($connection, "SELECT * FROM Configuration"));
5.  
6. if ($Configuration->Register == "true") {
7. if (!$User) {
8. echo '
9. <!DOCTYPE html>
10. <html>
11. <body>
12. <p style="text-align: center;">&nbsp;</p>
13. <table style="width: 454px; margin-left: auto; margin-right: auto;">
14. <tbody>
15. <tr>
16. <td style="width: 311px;">
17. <div id="LargeText" style="text-align: center;">
18. <strong>Register</strong>
19. </div>
20. <form action="register.php" method="post">
21. <table cellpadding="0" cellspacing="5" style="width: 341.5px; margin-left: auto; margin-right: auto;">
22. <tbody>
23. <tr>
24. <td style="padding-right: 1px; width: 149px;"><strong>Username</strong></td>
25. <td style="width: 190.5px;"><input name="user" type="text"></td>
26. </tr>
27. <tr>
28. <td style="padding-right: 5px; width: 149px;"><strong>Password</strong></td>
29. <td style="width: 190.5px;"><input name="pass" type="password"></td>
30. </tr>
31. <tr>
32. <td style="padding-right: 5px; width: 149px;"><strong>Confirm Password</strong></td>
33. <td style="width: 190.5px;"><input name="confirmpass" type="password"></td>
34. </tr>
35. <tr>
36. <td style="padding-right: 5px; width: 149px;"><strong>Email</strong></td>
37. <td style="width: 190.5px;"><input name="email" type="text"></td>
38. </tr>
39. </tbody>
40. </table>
41. <p style="text-align: center;"><input type="submit" name="submit" value="Register"></p>
42. </form>
43. </td>
44. </tr>
45. </tbody>
46. </table>
47. </body>
48. </html>
49. ';
50. $Username = mysqli_real_escape_string($connection, $_POST['user']);
51. $Password = mysqli_real_escape_string($connection, $_POST['pass']);
52. $ConfirmPassword = mysqli_real_escape_string($connection, $_POST['confirmpass']);
53. $Email = mysqli_real_escape_string($connection, $_POST['email']);
54. $Submit = mysqli_real_escape_string($connection, $_POST['submit']);
55. $ref = mysqli_real_escape_string($connection, $_GET['ref']);
56.  
57. function is_alphanumeric($username) {
58. return (bool) preg_match("/^([a-zA-Z0-9])+$/i", $username);
59. }
60.  
61. if ($Submit) {
62. die("sssdfsofskllsflj");
63. $Username = filter($Username);
64. $ref = filter($_GET['ref']);
65. if (!$Username || !$Password || !$ConfirmPassword || !$Email || !$ReCaptcha) {
66. echo"sdfsfdosdf";
67. echo "<head><center><div id='Error'>Please fill in all of the fields.</div></center></head>";
68. } else {
69. echo"2129";
70. $userExist = mysqli_query($connection, "SELECT * FROM Users WHERE Username='$Username'");
71. $userExist = mysqli_num_rows($userExist);
72. $userExist1 = mysqli_query($connection, "SELECT * FROM Users WHERE OriginalName='$Username'");
73. $userExist1 = mysqli_num_rows($userExist1);
74. if ($userExist > 0) {
75. echo "<div id='Error'>That username already exists.</div>";
76. } elseif ($userExist1 > 0) {
77. echo "<div id='Error'>That username already exists.</div>";
78. } else {
79. if ($ConfirmPassword != $Password) {
80. echo "<div id='Error'>Your password and confirm password does not match.</div>";
81. } else {
82. if (strlen($Username) >= 15) {
83. echo "<div id='Error'>Your username is above fifteen (15) characters!</div>";
84. } elseif (strlen($Username) < 1) {
85. echo "<div id='Error'>Your username is under one (1) character!</div>";
86. } elseif (!is_alphanumeric($Username)) {
87. echo "<div id='Error'>Only A-Z and 1-9 is allowed, or there is profanity in your username.</div>";
88. } else {
89. if ($ref) {
90. $getRef = mysqli_query($connection, "SELECT * FROM Users WHERE ID='$ref'");
91. $gR = mysqli_fetch_object($getRef);
92. $RefExist = mysqli_num_rows($getRef);
93. if ($RefExist == 0) {
94. } else {
95. $userExist = mysqli_query($connection, "SELECT * FROM Users WHERE Username='$Username'");
96. $userExist = mysqli_fetch_object($userExist);
97. mysqli_query($connection, "UPDATE Users SET SuccessReferrer=SuccessReferrer + 1 WHERE ID='$ref'");
98. mysqli_query($connection, "INSERT INTO Referrals (ReferredID, UserID) VALUES('$ref','$userExist->ID')");
99. }
100. }
101.  
102. $_ENCRYPT = password_hash($Password, PASSWORD_DEFAULT);
103. $IP = $_SERVER['REMOTE_ADDR'];
104. mysqli_query($connection, "INSERT INTO Users (Username, Password, Email, IP) VALUES('$Username','$_ENCRYPT','$Email','$IP')");
105. $_SESSION['Username'] = $Username;
106. $_SESSION['Password'] = $_ENCRYPT;
107. header("Location: index.php");
108. }
109. }
110. }
111. }
112. }
113. }
114. }